CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28212

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2020-28212

Schneider-Electric » Ecostruxure Control Expert » Version: N/A

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:-
Schneider-Electric » Ecostruxure Control Expert » Version: 14.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.0
Schneider-Electric » Ecostruxure Control Expert » Version: 14.1

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.1
Schneider-Electric » Ecostruxure Control Expert » Version: 15.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.0
Schneider-Electric » Ecostruxure Control Expert » Version: 15.1

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.1
Schneider-Electric » Ecostruxure Control Expert » Version: 15.2

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.2
Schneider-Electric » Ecostruxure Control Expert » Version: 15.3

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.3
Schneider-Electric » Ecostruxure Control Expert » Version: 16.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:16.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28212

Products

Pricing

Contact Us